AppCheck provides a REST API which is available to all customers. Below are the answers to some common questions about the API.
Where is the documentation?
How is access controlled?
Access to the API is restricted in two ways:
- By access key. You will need to provide an access key with each API request. You can have multiple keys linked to different users, but by default a user called "API" with admin permissions is created and used for a single access key.
- By IP address. API requests will only be accepted if they come from an IP address which is on your account's allow-list.
How do I request access?
To set up access to the API you will need to raise a ticket with AppCheck Technical Support providing any IP addresses you want to give access to, and we will reply with an access key for you.
If you want to set up multiple keys using specific users let us know, otherwise we will create an admin-level API user as described in "How is access controlled?".
What if I want to access the API from the cloud and I don't know the source IP address?
If you are trying to access AppCheck's API from a cloud platform (Azure, AWS, Google Cloud, etc) and do not have a static IP address then it is advisable to configure a static IP gateway using NAT for outbound requests. The alternative would be to allow access from the entire cloud platform (or region/area, depending on our platform), which obvious security implications.
AppCheck do not maintain documentation on how to perform this, since it is configurable via your cloud provider, and the implementation details may change over time. However the following links may potentially be of use in investigating how to set this up for your cloud estate:
Microsoft Azure - https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
Amazon AWS - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html
Google Cloud (GCP) - https://cloud.google.com/nat/docs/overview
Article is closed for comments.